// Remember writes the "remember" cookie for the user identified by id.
//
// The cookie carries two values encoded with sessionStore.Codecs: the user id
// and a value derived from the user:<id>:password entry in Redis together with
// rememberKey. Regen recomputes that derived value from the current Redis
// entry, so a cookie written here stops matching once the entry changes.
//
// An id of 0 is a no-op and returns nil. Errors from the session store, Redis
// and the cookie encoder are returned unchanged.
//
// NOTE(review): Path, Domain, MaxAge, Secure and HttpOnly all come from
// rememberOpts, which is defined elsewhere. Confirm Secure and HttpOnly are
// enabled there, since the cookie value is the only input Regen checks.
func Remember(r *http.Request, w http.ResponseWriter, id uint64) error {
	// Zero is the "no user" id; never issue a cookie for it.
	if id == 0 {
		return nil
	}

	// The session is used below only for its name.
	session, err := sessionStore.New(r, "remember")
	if err != nil {
		return err
	}

	// Kept in its own variable, as in the original, so the Redis client's
	// error value is compared with its own static type.
	stored, getErr := RedisClient.Get(fmt.Sprintf("user:%d:password", id))
	if getErr != nil {
		return getErr
	}

	derived := passwordhash.NewSaltIter(stored.String(), rememberKey, passwordhash.DefaultIterations)

	// Payload order matters: Regen reads index 0 as the id and index 1 as the
	// derived value.
	payload := []interface{}{id, string(derived.Hash)}

	encoded, err := securecookie.EncodeMulti(session.Name(), payload, sessionStore.Codecs...)
	if err != nil {
		return err
	}

	http.SetCookie(w, &http.Cookie{
		Name:     session.Name(),
		Value:    encoded,
		Path:     rememberOpts.Path,
		Domain:   rememberOpts.Domain,
		MaxAge:   rememberOpts.MaxAge,
		Secure:   rememberOpts.Secure,
		HttpOnly: rememberOpts.HttpOnly,
	})

	// Drop the per-request data registered for r.
	context.DefaultContext.Clear(r)
	return nil
}
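// Regen validates the "remember" cookie on r and returns the user id it
// carries.
//
// It returns (0, nil) when the request has no such cookie, or when the value
// stored in the cookie does not match the one recomputed from the current
// user:<id>:password entry in Redis and rememberKey. Callers must therefore
// treat a zero id as "not remembered". Cookie decode failures, Redis errors
// and a decoded payload of unexpected shape are returned as errors.
func Regen(r *http.Request) (uint64, error) {
	const name = "remember"

	c, err := r.Cookie(name)
	if err != nil {
		if err == http.ErrNoCookie {
			// No cookie is the normal case for a visitor who was never
			// remembered; it is not an error.
			return 0, nil
		}
		return 0, err
	}

	vals := make([]interface{}, 2)
	if err = securecookie.DecodeMulti(name, c.Value, &vals, sessionStore.Codecs...); err != nil {
		return 0, err
	}

	// The payload comes from a client-supplied cookie. Check its shape
	// explicitly: an unchecked type assertion would panic the handler on a
	// cookie that decodes but does not hold (uint64, string), for example one
	// written by a different version of the code.
	if len(vals) < 2 {
		return 0, fmt.Errorf("remember cookie: unexpected payload length %d", len(vals))
	}
	id, ok := vals[0].(uint64)
	if !ok {
		return 0, fmt.Errorf("remember cookie: unexpected id type %T", vals[0])
	}
	token, ok := vals[1].(string)
	if !ok {
		return 0, fmt.Errorf("remember cookie: unexpected token type %T", vals[1])
	}

	// Kept in its own variable, as in the original, so the Redis client's
	// error value is compared with its own static type.
	se, rerr := RedisClient.Get(fmt.Sprintf("user:%d:password", id))
	if rerr != nil {
		return 0, rerr
	}

	// Recompute the expected value from the current stored entry, so a cookie
	// issued before that entry changed no longer matches.
	ph := passwordhash.NewSaltIter(se.String(), rememberKey, passwordhash.DefaultIterations)

	// NOTE(review): == on strings is not a constant-time comparison. The value
	// has already passed securecookie.DecodeMulti, which limits what a client
	// can submit if the codecs are keyed, but crypto/subtle.ConstantTimeCompare
	// is the conventional choice here. It is not used because the file's
	// import block is not visible from this function.
	if string(ph.Hash) == token {
		return id, nil
	}
	return 0, nil
}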